7 matches found
Cross-Site Request Forgery in JFinalCMS via the component /admin/friend_link/save
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via the component /admin/friendlink/save...
Cross-Site Request Forgery in JFinalCMS via /admin/friend_link/update
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/friendlink/update...
CVE-2023-49379
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via the component /admin/friendlink/save...
CVE-2023-49379
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via the component /admin/friendlink/save...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/friendlink/delete...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via the component /admin/friendlink/save...
CVE-2023-49380
CVE-2023-49380: JFinalCMS v5.0.0 contains a Cross-Site Request Forgery (CSRF) vulnerability in the /admin/friend_link/delete endpoint. The issue is documented across multiple sources (NVD, GHSA, OSV, CVE list) with CVSSv3.1 base score 8.8 (HIGH), attack vector NETWORK, user interaction REQUIRED, ...